Описание
A cross-site scripting vulnerability in Trellix Central Management (CM) prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into the response when accessing the CM dashboard.
Уязвимые конфигурации
Конфигурация 1Версия до 9.1.3.97129 (исключая)
cpe:2.3:a:trellix:central_management_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
4.6 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.6
github
почти 2 года назад
A cross-site scripting vulnerability in Trellix Central Management (CM) prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into the response when accessing the CM dashboard.
EPSS
Процентиль: 25%
0.00087
Низкий
4.6 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79